back to article Say what? Another reCaptcha attack, now against audio challenges

Whatever Google has in mind to replace its reCaptcha had better be ready soon: another research group has found a way to defeat it. Late last week, researchers from startup Vicarious demonstrated their attack against reCaptcha's image-based “I'm not a robot” proof. Now University of Maryland boffins have busted Google's audio …

  1. Florida1920

    Free advice

    You know Google will find a solution, and the researchers won't even get a "So long, and thanks for all the fish" for their efforts. The whole purpose of CAPTCHA stuff isn't really security, is it? Isn't it about teaching AI systems? If they want us to solve their puzzles, they should pay us.

  2. Shadow Systems Silver badge

    Fuck CAPTCHA.

    If the site insists on only using a visual challenge then it automaticly claims I'm a bot. Fuck you.

    If the site includes an audio challenge then it's often so badly done that even WITH downloading it & replaying it a zillion times you can barely figure out WTF was said. Get the reply wrong & again I'm a bot. Fuck you.

    And now that computers can break your challenges with such absurd ease it makes the whole thing useless, you STILL say that *I* am the bot & refuse to give me access. Fuck You.

    Just because I don't have perfect visual & audio perception doesn't mean I'm a bot, it means you & your CAPTCHA can go fuck yourselves for not considering the useless hurdles you place in our way in order to try & patronize your site.

    You've made it damn near impossible for the disabled Humans to visit, but the computers you're trying to keep out can piss all over your hurdles & bypass them with ease.

    Again, with every fibre in my being, FUCK. YOU.

    1. Florida1920

      Re: Fuck CAPTCHA.

      Wow. I mean, Wow.

      1. Shadow Systems Silver badge

        Re: Fuck CAPTCHA.

        I'm totally blind & use a Screen Reader Environment (SRE) to interact with my computer. Since a picture is worth *nothing* to a SRE (no AltText means no description for the SRE to read, thus I can't know WTF the picture is about) & an audio challenge means having to boost the volume, fiddle with the gain, manually try to manipulate the quality to remove all the background noises/buzzing/"fuzzing" used to make it harder for another computer to decipher. The result is that it's damn near impossible for me to figure out WTF was said in the clip, which means the answer I type in will invariably be wrong, which means I don't pass the test, & the site claims I'm a bot.

        The "I'm not a bot" checkbox is even more infuriating. There's nothing my SRE can find to figure out what I'm (not) supposed to do with that challenge. The checkbox is unavailable (meaning I can't check it even if I wanted to) & there's nothing else the SRE can find to read, leaving me at an impasse of artificial stupidity.

        When the AI bots can dance around such challenges & get in where I, a disabled Human can not, then their CAPTCHA system is fatally flawed.

        I'm frustrated I only have two hands with which to give them The Finger in disgust...

        Hope that helps explain my vitriol. =-j

        1. Phil O'Sophical Silver badge

          Re: Fuck CAPTCHA.

          Your vitriol seems entirely justified. There are supposedly ways to make captchas comply with Section 508, the US federal law for accessibility, I wonder if any of these sites bother to consider them, and if they are any more or less immune to captcha-breaking algorithms?

          See https://www.section508.gov/blog/CAPTCHA and https://captcha.com/accessibility/section508-captcha.html for examples.

        2. dogcatcher

          Re: Fuck CAPTCHA.

          I'm lucky, I'm only old, a bit deaf and with loss of short term memory. I struggle with these Captcha in any shape or form but the worst thing is PASSWORDS. Back in the '70s Letmein got me into my Sage accounting but now when Google or MS demand that I use upper and lowercase, numerals and everything else on my keyboard I can't even remember the password I've just entered when the site refuses to entertain the little ap I'm using to display the gibberish in clear.

          I once asked the MS disabled support people if I could go back to my original password, no they said, but if you store it on your desktop it will allways be there for you and proceeded to explain how to do it. What they couldn't tell me was how to get the desktop to appear first when I rebooted the machine.

    2. DropBear Silver badge
      Devil

      Re: Fuck CAPTCHA.

      I fully endorse the sentiment. I have never so far seen an audio captcha I could pass - I have either no idea what is being said or have no time to type it or most likely both. I just about reached the same point with "classification" ones recently - although I can see those just fine, basically it takes a really large number of forevers to either finally let me in or flat out declare me a bot because why not.

      I can tell you this - I'm a quite a calm, quiet type who abhors violence in any form, but if there is anything that will ever succeed turning me into a stark raving mad foaming-at-the-mouth genocidal maniac, it's going to be these captchas wot dunnit. Throwing the perpetrators of these abominations out the nearest airlock would be far too kind to them - maybe throwing them to the dickwolves would be an adequate fate...

      1. This post has been deleted by its author

  3. Dan 55 Silver badge

    Captcha security

    Seems to defend against blind people and people in a rush.

    Now all they need to do is add security against spammers and phishers.

    Unfortunately it's not going away until Google have trained their self-driving AI to identify all street features.

  4. fidodogbreath Silver badge

    Possible countermeasures the paper suggests Ways to make CAPTCHA even more fscking annoying include...

    FTFY

  5. cd

    I am functional and cannot pass reCaptcha. Google is using it to leverage forced upgrades, have people do free work, and gatekeep against people blocking their invasive scripts.

  6. Anonymous Coward
    Anonymous Coward

    KA

    All this effort with Google CAPTCHAs, but no one is working on he *important* crack, the picture-CAPTCHAs on KissAnime that prevent me from bulk-downloading shows....

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019